import frappe
from frappe import _

def get_permission_query_conditions(user):
    if not user:
        user = frappe.session.user
    # todos that belong to user or assigned by user
    roles = frappe.get_roles()    
    if "System Manager" in roles or "财务会计" in roles:
        return ""      
    if "部门主管" in roles:
        return f"(`tabCP_Expense`.owner = '{user}' or `tabCP_Expense`.dept_manager = '{user}')".format(user=frappe.db.escape(user))  
    return f"(`tabCP_Expense`.owner = '{user}')".format(user=frappe.db.escape(user))  
